Default Passwords for World Wide Packets/Lightning Edge Equipment
Steven Bellovin
smb at cs.columbia.edu
Thu Jan 7 16:51:09 UTC 2010
On Jan 6, 2010, at 11:38 PM, Joe Hamelin wrote:
> On Wed, Jan 6, 2010 at 7:19 PM, Dobbins, Roland <rdobbins at arbor.net> wrote:
>> Which goes to show that they just really don't get it when it comes to security. Maybe they should look here at all the entries for 'default credentials':
>
> Roland, this isn't the home wi-fi market we're talking about. Anyone
> that's going to buy one of these puppies is going to have a clue about
> putting their password in.
Again, look at http://ids.ftw.fm/Home/publications/RouterScan-RAID09-Poster.pdf?attredirects=0 -- while consumer devices were much worse, there was a noticeable problem on enterprise devices and a significant problem with VoIP devices, and I suspect that those latter are largely enterprise-based.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
More information about the NANOG
mailing list